add sasl SCRAM-SHA-256 authentication mechanism #412
Conversation
|
can you sign the ECA @benbenw ? |
|
@vietj done |
|
@vietj just added a test based on org.testcontainers (already used in the mysql driver) the sals scram connection is now tested with the test suite |
|
travis test failed on postgresql 9 sasl scram is available starting with postgresql 10 will ignore the test if postgresql < v10 |
|
@vietj do you anything more for this PR ? |
vertx-pg-client/src/test/java/io/vertx/pgclient/junit/ContainerPgRule.java
Outdated
Show resolved
Hide resolved
|
@vietj I think we need to file a CQ for the new dependency first. |
|
can we test scram without testcontainer for now ? I will make the CQ for both though if we are going to use testcontainer for PG I would like rather a separate PR that migrates the project to use testcontainer for PG and a different one for scram. |
|
actually we already have testcontainer CQ for postgresql |
I have a branch that migrates most of the pg tests to test containers. I was waiting for this PR (scran) to be merged before pushing that branch. |
|
@benbenw can you make a separate PR for testcontainer that we merge first and then we finish review and merge this PR for scram ? |
Yep ! Will do. |
|
@vietj |
|
allright, we need to wait for the library CQ to be resolved. |
|
Indeed it would be good if you add something about the newly supported authentication method and the dependency used in the documentation. |
|
minimalist doc added |
|
sorry this has been pending for long time but we cannot yet use the scram library... |
|
@vietj no pb |
|
it is still pending |
|
it seems actually resolved but it is not clear to me, you can see the CQ here https://dev.eclipse.org/ipzilla/process_bug.cgi . I asked about it in the comments. |
|
this PR is good to go, would you main providing it for master instead ? |
|
ping @benbenw |
|
Will rebase on master. |
SCRAM-SHA-256-PLUS (added in Postgresql 11) is not supported. The scram part is provided by om.ongres.scram:client (BSD 2-Clause "Simplified" License) the sasl test is ignored for postgresql version < 10 Signed-off-by: zorglub <b.wiart@ubik-ingenierie.com>
|
@vietj The PR was rebased. |
|
I can't find a way to do it @benbenw |
|
I will checkout and test it myself |
|
thanks for the contribution @benbenw |
support SASL SCRAM-SHA-256 as an authentication mechanism.
SCRAM-SHA-256-PLUS (added in Postgresql 11) is not supported.
The scram part is provided by om.ongres.scram:client (BSD 2-Clause "Simplified" License), this is a new dependency.
This library also provides the scram support in pgjdbc.
Please review carefully, I'm not intimate with the vertx-pg-client source code.